Space-Time Signal Processing for Detecting and Classifying Distributed Attacks in Networks

Award Information
Agency:
Department of Defense
Branch
Air Force
Amount:
$99,994.00
Award Year:
2010
Program:
STTR
Phase:
Phase I
Contract:
FA9550-10-C-0090
Award Id:
94954
Agency Tracking Number:
F09B-T09-0167
Solicitation Year:
n/a
Solicitation Topic Code:
AF 09TT09
Solicitation Number:
n/a
Small Business Information
4850 Hahns Peak Drive, Suite 200, Loveland, CO, 80538
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
956324362
Principal Investigator:
RandyPaffenroth
Program Director
(970) 461-2000
randy.paffenroth@numerica.us
Business Contact:
JeffPoore
President
(970) 461-2000
jeff.poore@numerica.us
Research Institute:
Colorado State University
Cathy Smith
B204A Engineering
Ft. Collins, CO, 80521
(970) 491-5914

Abstract
A mathematical framework for detection and classification of weak, distributed patterns on computer networks is proposed. The framework will provide rigorous methods for understanding performance bounds and optimality of intrusion detection methods, while also providing concrete and implementable algorithms. The algorithms will find immediate application in cyber-security efforts, as well as more general sensor networks. The mathematical techniques we propose to use include processing of raw data measurements at the nodes into higher-order process states using Numerica's expertise in advanced multiple hypothesis testing , extensions of recently developed compressed sensing methods for compression of second order statistics, and pattern detection using dependencies in second order data - coherence estimates, for example, provide a low-dimensional statistic for the identification of pattern classes. The research will be conducted in tandem with simulations on synthetic data, and actual Internet traffic in real-time using the PlanetLab emulation test-bed. Experimental simulations will not only be used to test algorithms and validate performance bounds, but also to inform and enhance measurement plans and hypotheses. BENEFIT: The proposed research will provide a rigorous mathematical framework for understanding intrusion detection algorithms on computer networks. These algorithms will provide immediate enhancements to current cyber-security efforts, and consequently will benefit computer network security in the corporate sector, all federal agencies, and national infrastructures where breaches of cyber-security are becoming more prevalent and have potentially catastrophic consequences. Thus, the algorithms will help to ensure the integrity of our nation's sensitive computer networks. Commercially, the development of cybersecurity algorithms and software is a multi-billion dollar industry annually and expected to grow robustly as our nation's exposure to cyber threats increases.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government